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- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 
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- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )M Responsive to communication(s) filed on 02 March 2003 . 
2a)D This action is FINAL. 2b)0 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 
closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-30 is/are pending in the application. 
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5) D Claim(s) is/are allowed. 

6) E3 Claim(s) U30 is/are rejected. 

7) D Claim(s) is/are objected to. 
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Application Papers 

9) D The specification is objected to by the Examiner. 
10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

1 1 )□ The proposed drawing correction filed on is: a)D approved b)Q disapproved by the Examiner. 
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2. n Certified copies of the priority documents have been received in Application No. . 
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application from the International Bureau (PCT Rule 17.2(a)). 
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1 . This action is in response to Applicant's Appeal brief filed 2 March 2003. 
Examiner has carefully considered Applicant's Appeal and hereby reopens prosecution 
on this application. 

2. Claims 1 - 30 are pending in this case. Applicant's arguments, see Appeal brief, 
filed 2 march 2003, with respect to the rejections of claims 1 - 30 have been fully 
considered and are persuasive. Therefore, the rejection has been withdrawn. 
However, upon further consideration, a new ground(s) of rejection is made. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C, 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

4. Claims 1- 9 are rejected under 35 U.S.C. 102(e) as being anticipated by Angelo 
et al (US 6,119,228a). 

5. Regarding claim 1 - 

Angelo discloses a method for securely establishing communication in a multicast group 
of nodes of a network, in which the network includes publisher nodes, subscriber nodes, 
a multi-master directory that stores information about events in the network and that can 
authenticate the subscriber nodes and the publisher nodes, whereby each of the 
subscriber nodes and the publisher nodes receives a unique private key and that can 
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determine events that the subscribers and the publishers may process, the method 
comprising the steps of registering the subscribers and the publishers with an event 
server configured to determine whether the publishers are authorized to produce certain 
events corresponding to the event types and whether the subscribers are authorized to 
receive the certain events in response to the step of accessing; generating, with the 
event server, a group session key for establishing one of the multicast groups, the 
group session key being encrypted in a message that has a prescribed format (Col. 3 In 
21 -63). 

6. Regarding claim 2 - 

Angelo discloses the method as recited in Claim 1, further comprising the steps of: 
receiving a message from the subscribers in response to the subscribers determining 
whether the received message corresponds to a correct key version; updating the group 
session key; and selectively reregistering the subscribers at the event server (Col. 3 In 
21-63). 

7. Regarding claim 3 - 

Angelo discloses the method as recited in Claim 1 , wherein the prescribed format of the 
message conforms to lightweight directory access protocol (LDAP) (Col. 3 In 21 - 63). 

8. Regarding claim 4 - 

Angelo discloses the method as recited in Claim 1, wherein the prescribed format of the 
message comprises a protocol version number field, a message type field, and a 
message length field (Col. 3 In 21 - 63). 

9. Regarding claim 5 - 
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Angelo discloses the method as recited in Claim 1 , wherein the step of authenticating 
comprises controlling access by the directory in conjunction with utilizing an external 
authentication service that allows extending membership of the multicast groups to 
subscribers with no corresponding objects in the directory (Col. 3 In 21 - 63). 

1 0. Regarding claim 6 - 

Angelo discloses the method as recited in Claim 1, wherein the external authentication 
service is supplied by a Kerberos server (Col. 3 In 21 - 63). 

11. Regarding claim 7- 

Angelo discloses the method as recited in Claim 1 , wherein the event server manages 
the private keys of the subscribers and the publishers (Col. 3 In 21 - 63). 

1 2. Regarding claim 8 - 

Angelo discloses the method as recited in Claim 1, wherein the step of updating 
comprises creating a new group session key; modifying the objects based upon the new 
group session key by using a change password protocol; sending a new message that 
contains the new group session key to the subscribers; and notifying the subscribers to 
reregister (Col. 3 In 21 - 63). 

13. Regarding claim 9 - 

Angelo discloses the method as recited in Claim 1 , wherein the step of registering 
comprises performing access control check of the subscribers by the event server (Col. 
3 In 21 -63). 

14. Claims 10-18 are rejected under 35 U.S.C. 102(e) as being anticipated by Angelo 
et al (US 6,119,228A). 
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1 5. Regarding claim 10- 

Angelo discloses a communication system for creating a plurality of secure multicast 
groups in a network that includes a plurality of principals configured for functioning as a 
subscriber and a publisher, each of the principals having a private key, a multi-master 
directory comprising a directory server for communicating with one or more of the 
principals to authenticate each of the principals and to provide access control, the multi- 
master directory controlling access on a per object and per attribute basis, the 
communication system comprising: an event server coupled to the plurality of principals 
for registering the plurality of principals and for determining whether the principals are 
authorized to produce certain events when the principals are functioning as publishers 
and whether the principals are authorized to receive the certain events when the 
principals are functioning as subscribers, and means in the event server for creating a 
group session key for establishing one of the multicast groups, by distributing the group 
session key in an encrypted message to the subscribers, the encrypted message 
encapsulating the group session key according to a prescribed format; means in the 
event server for updating the group session key by utilizing a change password protocol 
to modify an object in the directory; means in the event server for notifying the 
subscribers to reregister in response to the updating of the group session key (Col. 3 In 
21 -63). 

16. Regarding claim 1 1 - 
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Angelo discloses the communication system as recited in Claim 10, wherein the 
directory server is collocated with the event server, the directory server and the event 
server participating in a common one of the multicast groups (Col. 3 In 21 - 63). 

17. Regarding claim 12 - 

Angelo discloses the communication system as recited in Claim 10, wherein the 
prescribed format of the message conforms to lightweight directory access protocol 
(LDAP) (Col. 3 In 21 -63). 

1 8. Regarding claim 1 3 - 

Angelo discloses the communication system as recited in Claim 10, wherein the 
directory authenticates by controlling access in conjunction with utilizing an external 
authentication service that allows extending membership of the multicast groups to 
subscribers with no corresponding objects in the directory (Col. 3 In 21 - 63). 

19. Regarding claim 14 - 

Angelo discloses the communication system as recited in Claim 13, wherein the 
external authentication service is supplied by a Kerberos server (Col. 3 In 21 - 63). 

20. Regarding claim 1 5 - 

Angelo discloses the communication system as recited in Claim 10, wherein the 
prescribed format of the message comprises a protocol version number field, a 
message type field, and a message length field (Col. 3 In 21 - 63). 

21 . Regarding claim 1 6 - 

Angelo discloses the communication system as recited in Claim 10, wherein the event 
server manages the private keys (Col. 3 In 21 - 63). 
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22. Regarding claim 17 - 

Angelo discloses the communication system as recited in Claim 10, wherein the event 
server updates the group session key by performing the steps of creating a new group 
session key; modifying the objects based upon the new group session key by using a 
change password protocol; sending a new message that contains the new group 
session key to the subscribers; and notifying the subscribers to reregister (Col. 3 In 21 - 
63). 

23. Regarding claim 18 - 

Angelo discloses the communication system as recited in Claim 10, wherein the event 
server performs access control check of the subscribers during registration of the 
subscribers (Col. 3 In 21 - 63). 

24. Claims 19-25 are rejected under 35 U.S.C. 102(e) as being anticipated by Angelo 
etal(US6,119,228A). 

25. Regarding claim 19 - 

Angelo discloses a computer system for establishing multiple secure multicast groups, 
the computer system comprising a communication interface for communicating with a 
plurality of nodes and for interfacing a multi-master directory to authenticate the 
computer system and the plurality of nodes, the multi-master directory having access 
controls on a per object and per attribute basis, wherein the nodes access the directory 
to determine events that the nodes may process, a bus coupled to the communication 
interface for transferring data; one or more processors coupled to the bus for selectively 
generating a group session key and private keys corresponding to the plurality of nodes, 
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the group session key being updated by utilizing a change password protocol to modify 
an object corresponding to the events in the directory; and a memory coupled to the one 
or more processors via the bus, the memory including one or more sequences of 
instructions which when executed by the one or more processors cause the one or 
more processors to perform the steps of registering the plurality of nodes, determining 
whether the nodes are authorized to produce and authorized to receive certain events 
corresponding to objects of the directory, distributing the group session key to the nodes 
via a message, the message encapsulating the group session key according to a 
prescribed format, and selectively reregistering the nodes in response to updating the 
group session key (Col. 3 In 21 - 63). 

26. Regarding claim 20 - 

Angelo discloses the computer system as recited in Claim 19, wherein the directory 
server is collocated with the event server, the directory server and the event server 
participating in a common one of the multicast groups (Col. 3 In 21 - 63). 

27. Regarding claim 21 - 

Angelo discloses the computer system as recited in Claim 19, wherein the prescribed 
format of the message conforms to lightweight directory access protocol (LDAP) (Col. 3 
In 21 -63). 

28. Regarding claim 22 - 

Angelo discloses the computer system as recited in Claim 19, wherein the directory 
authenticates by using authentication services of the directory in conjunction with a 
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Kerberos service that allows extending membership to the multicast groups to nodes 
with no objects in the directory (Col. 3 In 21 - 63). 

29. Regarding claim 23 - 

Angelo discloses the computer system as recited in Claim 19, wherein the event server 
manages private keys of the plurality of nodes (Col. 3 In 21 - 63). 

30. Regarding claim 24 - 

Angelo discloses the computer system as recited in Claim 19, wherein the event server 
updates the group session key by performing the steps of creating a new group session 
key; modifying the objects based upon the new group session key by using a change 
password protocol; sending a new message that contains the new group session key to 
the subscribers; and notifying the subscribers to reregister (Col. 3 In 21 - 63). 

31 . Regarding claim 25 - 

Angelo discloses the computer system as recited in Claim 19, wherein the computer 
system performs access control check of the nodes during registration (Col. 3 In 21 — 
63). 

32. Claims 26-30 are rejected under 35 U.S.C. 102(e) as being anticipated by Angelo 
et al (US 6.119.228A). 

33. Regarding claim 26 » 

Angelo discloses a computer-readable medium carrying one or more sequences of 
instructions for securely establishing communication in a multicast group of nodes of a 
network, in which the network includes publisher nodes, subscriber nodes, a multi- 
master directory that stores information about events in the network and that can 
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authenticate the subscriber nodes and the publisher nodes, whereby each of the 
subscriber nodes and the publisher nodes receives a unique private key and that can 
determine events that the subscribers and the publishers may process, wherein 
execution of the one or more sequences of instructions by one or more processors 
causes the one or more processors to perform the steps of: registering the subscribers 
and the publishers with an event server, the event server determining whether the 
publishers are authorized to produce certain events corresponding to the event types 
and whether the subscribers are authorized to receive the certain events in response to 
the step of accessing; generating a group session key for establishing one of the 
multicast groups, the group session key being encrypted in a message that has a 
prescribed format (Col. 3 In 21 - 63). 

34. Regarding claim 27 - 

Angelo discloses a computer-readable medium as recited in Claim 26, further 
comprising the steps of: receiving a message from the subscribers in response to the 
subscribers determining whether the received message corresponds to a correct key 
version; updating the group session key; and selectively reregistering the subscribers at 
the event server (Col. 3 In 21 - 63). 

35. Regarding claim 28 - 

Angelo discloses a computer-readable medium as recited in Claim 26, wherein the step 
of authenticating comprises controlling access by the directory in conjunction with 
utilizing an external authentication service that allows extending membership of the 
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multicast groups to subscribers with no corresponding objects in the directory (Col. 3 In 
21-63). 

36. Regarding claim 29 - 

Angelo discloses a computer-readable medium as recited in Claim 26, wherein the step 
of updating comprises: creating a new group session key; modifying the objects based 
upon the new group session key by using a change password protocol; sending a new 
message that contains the new group session key to the subscribers; and notifying the 
subscribers to reregister (Col. 3 In 21 - 63). 

37. Regarding claim 30 - 

Angelo discloses a computer-readable medium as recited in Claim 26, wherein the step 
of registering comprises performing access control check of the subscribers by the 
event server (Col. 3 In 21 - 63). 

Conclusion 

38. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

39. Stubblebine (US 6,21 6,231 B1) discloses security protocols and policy constraints 
in distributed systems. 

40. Bowman-Amuah (US 6,332,1 63B1 ) discloses a method for providing 
communication services over a computer network system. 

41 . Examiner's note: Examiner has cited particular columns and line numbers in 
the references as applied to the claims above for the convenience of the applicant. 
Although the specified citations are representative of the teachings in the art and are 
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applied to the specific limitations within the individual claim, other passages and figures 
may be applied as well. It is respectfully requested from the applicant, in preparing the 
responses, to fully consider the references in entirety as potentially teaching all or part 
of the claimed invention as well as the context of the passage as taught by the prior art 
or disclosed by the examiner. 

42. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Cristina O Sherr whose telephone number is 703-305- 
0625. The examiner can normally be reached on Monday through Friday 8:30 to 5:00. 

43. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, James Trammell can be reached on 703-305-9768. The fax phone 
numbers for the organization where this application or proceeding is assigned are 703- 
305-7687 for regular communications and 703-305-7687 for After Final 
communications. 

44. Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 703-305- 
3900. 
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